The downstream (FreeBSD) ntp man pages are out of date. Switch to those
provided by ntp.org (nwtime.org).
PR: 104493
Differential Revision: https://reviews.freebsd.org/D47319
IERS is the canonical source of leap-seconds. IANA, NIST and USNO obtain
their leap-second updates from IERS.
This resolves an issue for IPv6-only hosts as IERS is not accessible
via IPv6, requiring IPv6-only host to rely on some other source,
above.
From this point forward we should fetch the file from IERS, the
organization responsible for deciding when to insert leap-seconds.
PR: 279413
Obtained from: https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list
Discussed with: imp
MFC after: 1 day
Chase a466cc5537, updating the version string in the local config.h.
Reported by: Trond Endrestol <Trond.Endrestol@ximalas.info>
Fixes: a466cc5537
MFC after: immediately
0.pool.* returns only IPv4 addresses.
2.pool.* returns both, IPv6 and IPv4 addresses.
conservatively extend our IPv4 only pool configuration by adding a
second pool, which also returns IPv6 addresses.
PR: 270536
Reported by: Lapo Luchini <lapo@lapo.it>
MFC after: 3 days
Pull Request: https://github.com/freebsd/freebsd-src/pull/731
Differential Revision: https://reviews.freebsd.org/D39954
libopts uses generated format string tables that contain embedded NULs.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34386
When starting, ntpd calls setrlimit(2) to limit maximum size of its
stack. The stack limit chosen by ntpd is 200K, so when stack gap
is enabled, the stack gap is larger than this limit, which results
in ntpd crashing.
Submitted by: Dawid Gorecki <dgr@semihalf.com>
Reviewed by: cy, imp
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D29553
* powerpc time_t is 64 bit, not 32 bit.
* Add definition for powerpc64le.
With this, powerpc64le ntpd and ntpdate operate correctly instead of
corrupting the clock and exiting.
Tested on powerpc64, powerpc64le, and powerpc.
No feedback from cy@.
I am a bit confused as to how SIZEOF_TIME_T being wrong ever worked on
powerpc, it being big endian and all.
Sponsored by: Tag1 Consulting, Inc.
Differential Revision: https://reviews.freebsd.org/D26379
Update 4.2.8p14 --> 4.2.8p15
Summary: Systems that use a CMAC algorithm in ntp.keys will not release
a bit of memory on each packet that uses a CMAC keyid, eventually causing
ntpd to run out of memory and fail. The CMAC cleanup from
https://bugs.ntp.org/3447, part of ntp-4.2.8p11, introduced a bug whereby
the CMAC data structure was no longer completely removed.
MFC after: 3 days
Security: NTP Bug 3661
Most of ntpd still handles MK_OPENSSL ok, but the libevent import brought
in the SSL bufferevent routines without checking MK_OPENSSL.
This doesn't completely fix WITHOUT_CRYPTO=YES building, but hey, it's one
less broken thing.
The !USE_OPENSSL_CRYPTO_RAND path uses arc4random_buf() correctly.
In general, we should prefer to avoid things OpenSSL does poorly when a good
alternative exists in libc.
<sys.mk> defines ECHO=echo when not using make -s, and ECHO=true when using
make -s.
export ECHO for ntp products and use it in the mkver script to echo the
version. This suppresses the output as appropriate. ECHO is given a default
value to make sure things still work as expected for anyone that isn't
redefining ECHO.
Reviewed by: cy
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D22101
Update a bunch of Makefile.depend files as
a result of adding Makefile.depend.options files
Reviewed by: bdrewery
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D22494
Leaf directories that have dependencies impacted
by options need a Makefile.depend.options file
to avoid churn in Makefile.depend
DIRDEPS for cases such as OPENSSL, TCP_WRAPPERS etc
can be set in local.dirdeps-options.mk
which can add to those set in Makefile.depend.options
See share/mk/dirdeps-options.mk
Reviewed by: bdrewery
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D22469
pages to page as necessary.
To restore historic BSD behaviour add the following to ntp.conf:
rlimit memlock 32
Discussed on: freebsd-current@ between Sept 6-9, 2019
Reported by: Users using ASLR with stack gap != 0
Reviewed by: ian, kib, rgrimes (all previous versions)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D21581
location.
With newer import of libedit, the path to be able to access readline/readline.h
will also include header which name will conflict with some expected by ntp in
another path and end up breaking the build.
Since these things are more completely controlled by the MK_OPENSSL knob, remove
RELEASE_CRUNCH here. It's no longer needed for the release and other users can
use the more proper knob if they so desire.
